Third party Single Sign On (SSO)

Do we have any plan to support SSO features in Ghost blog using third party application like keycloak. I wonder if this feature already exist and I am missing it.

Seconded, that would be pretty useful.

3 Likes

@scott_moree please don’t “+1”, the Ideas topics have a voting system, you can add your vote by clicking the “Vote” button in the top left of the page.

Duly noted and thank you Kevin.

Removed the post and used the build in voting system to up-vote.

2 Likes

It’s not of urgency but yeah, supporting universal SSO systems like Gravatar, Telegram & Firefox Sync can be pretty useful.

Do we have SSO feature in Ghost just like Discourse SSO? If so ,please share the link to setup SSO in Ghost. Thanks in advance.

3 Likes

Any updates on this? I’d love to have single sign-on too!

I found how to setup single sign-on and completely disable password authentication on a self-hosted NextCloud installation. I’d like very much to do the same for Ghost, since it makes authentication so much easier and safer when you can just login with Google.

2 Likes

Hey, any update on this? Would really help expand our slew of web apps with a SSO.

I’d love to see SSO. The current sign-on process via email is terrible. I’m on Ghost Pro and often the emails won’t arrive for minutes, which is a pretty bad user experience.

3 Likes

Integration for “Staff”/authors to some SAML/OAuth2 SSO providers would be of benefit to medium to large sized organizations.

Okta, LogMeIn, Azure ADFS, Google … these are some of the major SSO vendors.

This integration would allow an organization to securely manage access and to provision & de-provision authors as they come and go with the company.

Do we have a timeline of when the open source version will have this feature?

1 Like

There are no timelines. There’s no non-open-source version, all work on Ghost is open source.

1 Like

Someone mentioned here that there was SSO/OAuth support for the enterprise version. Is this true?

There’s an open invite for enterprise-plan customers to work with us on a beta implementation but so far none have needed it. Any work that is done would be in the open source version because there’s no “enterprise version”, there’s only the open source version :slight_smile:

3 Likes

Is there a discussion/plan about implementing OAuth2 that general open source developers such as myself can get involved in? The slack link just redirects to the forum and I see no discussions taking place in the forum for OAuth2 implementations.

work with us on a beta implementation

So is there or isn’t there a beta implementation?

1 Like

It seems like there was some discussion around oauth here a while back. It also links to a slack channel which you can’t access:

The ghost(pro) plans list it as a feature, I thought?

No one at all is using SSO?

I tried to roll my own a while ago but slammed into a few walls. It isn’t supported to run Ghost as an express app and use SSO libraries. I didn’t get far. I don’t remember what version I tried that on.

I’m not sure what the effort is but if they say Pro plan customers have zero interest in SSO or tokens I believe them.

Surely if this has been one of the most requested features, we’d have heard more from the developers themselves about supporting such a feature and perhaps working with community members to upstream any work?

Would any of the Ghost developers themselves care to comment on this and perhaps we can work together to resolve this?

Another open source blogging platform which allows you to self host looks like it has managed to implement OAuth:

1 Like

It’s in beta behind a paywall:

We’re currently working on support for using custom external authentication providers via OAuth2, and have a closed beta program for interested business plan customers.